Sunday, July 29, 2007

Did you already try to put an onload javascript event in the HTML body of your page in APEX?

You may want to do that to run some initial javascript when your page loads.For ex. in DG Tournament I use the onload event to enable Google Suggest.

In Oracle Application Express you put the onload event in the HTML Body Attribute section

If you would look in the source of your HTML page you would see something like:

<body onload="get_ApexEvangelists();">

However, when you try to put the above code as HTML Body Attribute, you may get the error "You may not declaratively set cursor focus if you specify an ONLOAD in this attribute." The complete message:You should always read the messages ;-) But I noticed (also with myself) that you check quickly your code to see what you did wrong. However it has nothing to do with your code...

You can fix this error by go to the Display Attributes of your Page and set the Cursor Focus to "Do not focus cursor" instead of that APEX puts the focus to the first item of the page.

People seeing this message by "Googling" the error, didn't read neither ;-)

Tuesday, July 10, 2007

Scott Spadafore, Oracle ACE and one of the developers of APEX, especially in the security area, explained what happened when you click the logout link in your Oracle APEX application.(so for this post all credits go to him)

The built-in item LOGOUT_URL gives you access to the logout URL attribute of the current authentication scheme. In referencing it as &LOGOUT_URL. or v('LOGOUT_URL'), or as a bind variable, the resulting attribute will have had basic substitutions performed on it first, e.g., for &APP_ID. and &APP_SESSION., facilitating its typical use as the target of a Navigation Bar Entry.

If you hover over this link in your application, you'll see that it's a full URL (host:port/pls/DAD/...) with substitutions completed and that the result of using the link is to execute the wwv_flow_custom_auth_std.logout procedure through modplsql.

Let's review the standard machinery:What does the logout procedure do?

How does it know what cookie to unset?...The cookie name is also an attribute of the curent application's authentication scheme so it looks it up.

How does it know what the current application is since the logout procedure is not run in a "page request context"?...The current application ID is a input parameter to the logout procedure (&p_this_flow=&APP_ID.).

How does it know what page to show after logout?...That's the other input to the logout procedure (&p_next_flow_page_sess=&APP_ID:1 where the application and page to redirect to are both given).

But it looks like it goes to page 101 (login page) after logout....Yes, but the instructions were to redirect to page 1 after logout and if page 1 requires authentication, you have to login first. After login, you'll go to page 1.

How to create a custom logout procedure or call some DML during the logout operation?

A good way to do that is to change the logout URL in the authentication scheme to simply be a URL to a page in your application, say page 99:

f?p=&APP_ID.:99:&APP_SESSION.

On page 99 create a before-header process to call your DML procedure (or do the DML in the page process directly).Then create a second process on the page (also an on-load vs. an after-submit process) that does: